The switch thing is okay, because you are comparing against a hard-coded value (however, it's case "show":
btw).
As @Bruce mentions in the comments, you should add a default:
case as well to catch values that are not on the list, or empty values:
switch ($_GET['action']) {
case "show":
$match_show = true;
break;
default:
// value is not on the list. React accordingly.
echo "Unknown value for 'action'".
}
The second thing is potentially dangerous, as it would be possible to inject HTML and more importantly, JavaScript into the document body. You should apply a htmlspecialchars()
on the variable before echoing it.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…